

I make use of netfilter/iptables quite frequently - most system admins probably do. Over time, I have come to use a few patterns that go beyond the simple “allow this” or “block everything but”. These generally involve NAT and port forwarding, and use not the filter table, but the nat table. I find myself going back to my notes and code snippets somewhat frequently to jog my memory on the format of these patterns, and felt it might be helpful to share them.

For the purposes of my examples, let’s say we have the following setup:

This can be helpful if you want a particular service available on different ports internally and externally for the same host. For example, you may want Apache httpd available on your internal network at port 80, but externally on some obscure port for a host that is directly connected to both networks. Instead of having Apache listen on the obscure port and creating a customized virtual host, I often just use iptables to redirect traffic from the obscure port to the standard port.

    iptables -t nat -A PREROUTING -p tcp --dport -j REDIRECT --to-port
    iptables -t nat -A PREROUTING -p tcp --dport 1234 -j REDIRECT --to-port 80

Complex Port Forwarding

    # Purpose: to find the log that we want from /var/log/messages
    date1=$(zenity --entry --text "Enter a Date.
    zenity --error --text "You must be located in /root" >&2
    endtime=$(zenity --entry --text "Enter end time. usage: hour:min:sec")
    portnumber=$(zenity --entry --text "Enter Port number.")
    logprefix=$(zenity --entry --text "Enter Chain+Action ex: INPUT-ACCEPTED.")
    protocol=$(zenity --entry --text "Enter Protocol.
    grep "$date1.*$logprefix.*$portnumber" /var/log/messages | awk -v var1="$starttime" -v var2="$endtime" '$3 >= var1 & $3 = var1 & $3 /etc/sysconfig/$filename
    zenity --question --text "You are about to FLUSH IPTABLS, Are you sure?"
    iptables -L -n | zenity --text-info --width 850
    when=$(zenity --entry --text "Enter when you want to run.
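The log search that the script fragments describe (date, log prefix, port, start and end time against /var/log/messages), written out as an added example that is not code from the original page. The names filter_fw_log and sample_log are hypothetical, the sample lines are constructed, and it assumes traditional syslog timestamps plus the DPT= field that the netfilter LOG target writes.

```shell
#!/bin/sh
# Added example: select firewall log lines by date, prefix, port and time window.

# usage: filter_fw_log "Mon DD" PREFIX PORT HH:MM:SS HH:MM:SS [FILE]
filter_fw_log() {
    awk -v d="$1" -v pfx="$2" -v port="$3" -v t0="$4" -v t1="$5" '
        BEGIN { split(d, want, " ") }
        {
            # Traditional syslog timestamp: $1=month $2=day $3=HH:MM:SS
            if ($1 != want[1] || $2 + 0 != want[2] + 0) next
            # Zero-padded HH:MM:SS values compare correctly as strings
            if ($3 < t0 || $3 > t1) next
            # Fixed-string prefix match, so user input is never a regex
            if (index($0, pfx) == 0) next
            # Exact DPT= field match, so port 80 does not also match 8080
            for (i = 4; i <= NF; i++)
                if ($i == "DPT=" port) { print; next }
        }
    ' "${6:-/var/log/messages}"
}

# Constructed sample log lines (documentation address ranges)
sample_log() {
    cat <<'EOF'
Mar  3 09:59:58 gw kernel: INPUT-ACCEPTED IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40001 DPT=80
Mar  3 10:15:02 gw kernel: INPUT-ACCEPTED IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40002 DPT=80
Mar  3 10:20:41 gw kernel: INPUT-ACCEPTED IN=eth0 OUT= SRC=192.0.2.11 DST=198.51.100.5 PROTO=TCP SPT=40003 DPT=8080
Mar  3 10:31:17 gw kernel: INPUT-DROPPED IN=eth0 OUT= SRC=192.0.2.12 DST=198.51.100.5 PROTO=TCP SPT=40004 DPT=80
Mar  4 10:15:02 gw kernel: INPUT-ACCEPTED IN=eth0 OUT= SRC=192.0.2.13 DST=198.51.100.5 PROTO=TCP SPT=40005 DPT=80
EOF
}

# Demo on the constructed sample: only the 10:15:02 line on Mar 3 is selected
tmp=$(mktemp)
sample_log > "$tmp"
filter_fw_log "Mar 3" INPUT-ACCEPTED 80 10:00:00 11:00:00 "$tmp"
rm -f "$tmp"
```

Unlike the `grep "$date1.*$logprefix.*$portnumber"` pattern, this compares the port against the DPT= field only, so a port number that happens to appear in a source port, packet ID or address does not produce a false hit.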
